Your Data, Your Choice

Share

Your Data, Your Choice

Not so long ago, consumers worried if there would ever be a way for them to protect their personal data on the Net. Suddenly, there are so many privacy initiatives that the choice is overwhelming.

Novell introduced software this week that was designed to protect users' Net identities from spammers and invasive Web marketers.

Great idea. But it's hardly the first attempt to establish user control over privacy preferences.

Software vendors, a new category of "information brokers" and oversight organizations like Truste are pursuing a variety of new models for building consumer trust on the Web.

And the World Wide Web Consortium – the body that oversees Web technology standards – has been trying for years to establish an open privacy protocol, the Platform for Privacy Preferences (P3P).

"There's always going to be confusion before there is clarity," said Susan Scott, executive director of Truste. "Initially it's going to be slow-moving. Companies are trying to figure out how to address privacy issues."

Novell's new entry, called "digitalme," is strikingly like the Web Consortium's proposed P3P standard in its approach, and one could have a direct impact on the other.

With digitalme, software on the PC, the server, or both gives a user control over the release of identifying data and Web preferences. A virtual "meCard" in the software contains a user's information and covers it up or reveals according to the practices of the site a user visits.

The Platform for Privacy Preferences has been in development for years by the World Wide Web Consortium, or W3C. Its intention was to let users specify conditions under which they are willing to divulge personal information online.

Upon arrival at a site, P3P-based software can instantly read the site's privacy policies, which are listed in P3P's "machine-readable" format.

How do the two relate?

"P3P is trying to set a standard," said Scott. "What Novell is doing is setting something that is close as they can to P3P but remains proprietary. But I think they're going to hit their own hurdles in getting it adopted widely."

They are actually likely to work together. P3P is meant to serve as a standard protocol to help any Web-using software, including the new digitalme software, negotiate a privacy relationship between provider and user.

"Let's say you have digitalme profile in its name and address," Scott said. "On the server side, you need the ability for the server to read that name and address so you're using the same language, the same vocabulary."